Episode 81 – Risk Based Security Program chat w/TripWire

Dwayne and Cindy from Tripwire join Martin to discuss the latest Ponemon Institute study, underwritten by Tripwire, which analyzes some important questions about how risk-based programs are faring.

While it’s not the ne plus ultra of reports and, to be fair, we have somewhat lampooned Ponemon in the past, it is a decent start on seeing how risk-based ideology is impacting programs around the world.

The report itself can be found at

http://www.tripwire.com/ponemon2012/

See you next time!

http://traffic.libsyn.com/sfspodcast/SFS_Podcast_-_Episode_81.mp3

Posted in Podcasts.


Episode 82 – It Was Hackers!

This episode was a momentous occasion, as all five members of the podcast were in the same place, and we wasted no time in getting into some of the fun stories that have popped up in the past few weeks.

First, Cisco and their great Cloud debacle:
http://www.csoonline.com/article/710281/cisco-apologizes-for-privacy-confusion-makes-cloud-service-an-opt-in-feature

Then, we get into a lively discussion of PCI and the FBI’s recent credit card ring bust:

And finally, on a lighter note, a suburb of Chicago deals with what may or may not be hackers, which is where we get our picture for this episode:
http://www.chicagotribune.com/news/local/suburbs/lemont/chi-police-hacker-lemont-tornado-siren-20120703,0,1739228.story

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter. And come out and say hi to us in Vegas during BH/DC/BSidesLV.

Posted in Uncategorized.


Our first contest winner’s entry: Detro

I’ve worked in our Security Operations Center for the last 6 years and we monitor every potential intrusion issue our customers face, mitigate these threats and perform forensic analysis when required. We also manage their PCI scans, their AIP modules and their Fortigate UTM devices. I feel that as a company we need to back away from the UTM/IDS/IPS all-in-one based security model, where we are trusting devices that provide our analysts with little to no packet data, back to our original IDS model of a Snort/Vortex hybrid, as we can never truly understand the full depth of an attack or even potential threats being thrown against our customers’ networks with the data we currently use. Our false positive rate is through the roof and though it may cost us more now, we need to focus on getting our analysts the data they need to fully understand these intrusion events or else we will never be able to truly compete at the large-scale enterprise level.

We need to provide our PCI customers with actual mitigation strategies for when they fail their PCI scans instead of simply sending them an auto-generated report compiled from Nessus, SAINT and Nexpose results. I feel we are under-utilizing our entire staff, who are all potential points of infiltration and defense as well. We need to keep all of our teams on their toes and potentially provide incentives for those who question the person walking towards the data center they’ve never seen before about why they are there, or who notify our security team when they receive an email that may seem slightly abnormal. We need a good mixture of internal security testing, random internal penetration tests and audits. Another great way to improve on this would be phishing our own employees to see if our minimal internal security training is truly enough; it will show us the employees who may need slightly more training.

If we truly want to perform well in the security field we need to provide our customers and the security community in general with more information regarding our research on botnet reverse engineering, and more information regarding mitigating current and active threats such as infection campaigns. We should also be working with our Russian- and Chinese-speaking analysts to infiltrate many of the known underground forums to provide our company, customers, partners and the industry as a whole with as much information as possible regarding the threats and targets we could obtain from this intelligence.

Posted in Uncategorized.


Episode 80 – Winners and Losers

Tonight, Martin, Steve, and Joseph announce the first winner of the Southern Fried Security Elevator Pitch contest: Detro! Congrats! We still have 3 BSidesLasVegas tickets to give out, so make sure you send in your entries.

We also discussed a few stories tonight.

First, we talked about Adobe, and their recent dealings with patching their flagship CS5 product:

http://www.securityweek.com/adobe-changes-tune-forcing-paid-upgrade-fix-security-flaw

Then, we talked about the newly proposed .secure TLD, and some of those ramifications:

http://www.wired.com/threatlevel/2012/05/dot-secure/

And lastly, we talk about a fantastic article about how to identify the real threats to your organization from DarkReading:

http://www.darkreading.com/threat-intelligence/167901121/security/security-management/240000308/4-ways-to-identify-the-real-threats-to-your-organization.html

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter. And don’t forget to submit your entries to sfspodcastcontest@gmail.com

Posted in Podcasts.


Episode 75 – Global Payments – Oy Vey!

This evening, the gang is all here! Martin, Joseph, Steve, and Yvette all jump on to talk about some new and exciting breach-type stories.

First, we talked about our first credit card payment processor breach since Heartland, Global Payment Systems.

http://krebsonsecurity.com/2012/04/global-payments-1-5mm-cards-exported/

http://www.darkreading.com/security/privacy/232800063/global-payment-systems-compromised-in-massive-breach.html

And if we’re talking breaches, we had to talk about this year’s Verizon DBIR:

http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 73 – The Song of the Sabu

Tonight, it’s just Martin and Joseph, and they’re hitting some of the breaking news of the evening. First, they talk about the Security Bloggers Meetup from RSA, and props to all the winners and nominees:

http://www.ashimmy.com/2012/03/social-security-blogger-award-winners.html

Then, we get in to the real meat of the show tonight: Sabu and the FBI arrests:

http://www.fbi.gov/newyork/press-releases/2012/six-hackers-in-the-united-states-and-abroad-charged-for-crimes-affecting-over-one-million-victims

http://erratasec.blogspot.com/2012/03/notes-on-sabu-arrest.html

To close out, we brought up some fun news for this summer: BSidesLasVegas2012 is offering mentorship for those who want to break in to the security speaking “circuit”. Check that out here:

http://www.securitybsides.com/w/page/51614272/BSidesLV%202012

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Ah, and our closing song for the evening: The Song of the Cebu - http://www.youtube.com/watch?v=_uv8Ej4CEoQ&ob=av3n

Posted in Podcasts.


Episode 72 – Doing It Right, Doing It Wrong

Tonight, we announce ourselves a new member: Yvette Johnson! (@jetsetyvette on Twitter) She’s going to bring a softer side to the podcast. So of course, we picked us two stories on opposite ends of the spectrum to get her started.

First, we had us a story of folks doing it right: Liquidmatrix. Read this entire article. Seriously. Now do it again. A fantastic article; we had nothing but good things to say about it.

http://www.liquidmatrix.org/blog/2012/02/21/we-are-losing/

On the very opposite end of the spectrum, an article from Forbes. A textbook example of FUD marketing. (For prior reading, check out this article for a little background: http://www.loglogic.com/blog/what-does-s-stand )

http://www.forbes.com/sites/petercohan/2012/02/17/loglogic-helps-ceos-sleep-at-night/

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 71 – They Did What???

Tonight it’s just Martin and Joseph, so we decided to hit some of the hard-hitting topics of the last week:

First, we talk about a fantastic article from Dark Reading about “Do you need a Security Operations Center”: http://www.darkreading.com/security-monitoring/167901086/security/perimeter-security/232500661/do-you-need-a-security-operations-center.html

Then, we get warmed up for our rants of the evening with Steve’s article about the VeriSign disclosures, or lack thereof: http://www.thetechherald.com/articles/VeriSign-left-executives-and-the-public-in-the-dark-about-breaches/16168/

And finally, we get to a nigh-impenetrable blog post from Trustwave, talking about why they issued a Certificate Authority to a private organization: http://blog.spiderlabs.com/2012/02/clarifying-the-trustwave-ca-policy-update.html

We wrap up with a nice wrap-up of Shmoocon from Martin, and announcements about SOURCE Conference.

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 69 – Offensive Security Redux

Tonight Martin, Joseph, and Steve touch on some fun topics, revisiting some of our conversations from about this time last year in Episode 43. Without further ado – our stories for the evening:

It’s the breaches of the week!

http://www.dreamhoststatus.com/2012/01/20/changing-ftpshell-passwords-due-to-security-issue/

http://www.thetechherald.com/articles/24-million-customer-accounts-exposed-in-Zappos-hack/16025/

And for the second half of our podcast, we discussed a return to Offensive Security, thanks to this article by George Hulme:

http://www.csoonline.com/article/698237/enough-defense-is-it-time-for-an-it-security-offensive-

And for your bonus image for the day, we may have dug up an image of Alex Hutton during his college days:

I'm not saying this is Alex, but it's probably Alex

As always, you can find the podcast here: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.


Episode 67 – Hashes, Hackers, and STRATFOR – Oh My!

A happy new year to all our listeners! The boys are back in town, as it were. There are some big changes that came up this year, the first of which being a slight change to our format. We’ll be moving to a bi-weekly schedule, with interviews or other format episodes on the alternate weeks.

Also, it’s with great regret that we have to announce that our good friend, Andy Willingham, will no longer be on the podcast with us for a while. Life can be a little crazy, and he’s going to take a break for a little while, and we wish him all the best.

So this week, Martin, Steve, and Joseph dug into the password leak from the STRATFOR breach, and what the implications could be for passwords, and how we should look at the breach, based off of Steve’s article: http://www.thetechherald.com/articles/Report-Analysis-of-the-Stratfor-Password-List

Join us next week as we have a special interview with Alex Hutton.

As always, you can find the podcast here: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on Twitter.

Posted in Podcasts.